Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Zs_suF6TTDQJp-XE7c4X2AZunJ0.roa
File: Zs_suF6TTDQJp-XE7c4X2AZunJ0.roa (raw, json)
Hash identifier: L66/OaSntFU8OuGj2htHCARbNwXp/YwPgdguMwk07FY=
Subject key identifier: 66:CF:EC:B8:5E:93:4C:34:09:A7:E5:C4:ED:CE:17:D8:06:6E:9C:9D
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 018F51E6E1CED4D8D5BE82CC655228289892
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Zs_suF6TTDQJp-XE7c4X2AZunJ0.roa
Signing time: Tue 07 May 2024 07:13:56 +0000
ROA not before: Tue 07 May 2024 07:13:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 89.49.0.0/21 maxlen: 21
89.50.0.0/16 maxlen: 24
194.97.192.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 12:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:51:e6:e1:ce:d4:d8:d5:be:82:cc:65:52:28:28:98:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: May 7 07:13:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66cfecb85e934c3409a7e5c4edce17d8066e9c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:44:0f:d1:a0:df:07:b0:2d:db:5b:cb:29:3e:
a8:14:7d:51:9b:8e:52:7d:45:ca:19:fb:a8:18:e9:
89:cb:fa:26:fb:a0:8d:32:47:f5:d3:3d:0b:32:85:
91:5e:8f:63:f7:1f:7c:1c:c6:c5:c0:be:58:73:37:
17:f4:a4:d3:12:06:81:f6:a2:b4:b0:d2:c9:a9:9f:
c3:c4:bf:17:2e:3f:80:4c:83:22:ee:71:be:a3:ce:
f6:ad:4c:ac:dd:ba:21:3b:27:4e:83:f6:b7:1a:f7:
5d:2b:2e:ce:7a:bb:64:44:f1:6a:61:9e:25:8a:e3:
10:d9:00:f1:70:f4:4f:4b:0a:a2:00:9b:01:a5:f1:
05:66:6d:b7:75:ff:bc:ac:18:f8:72:d3:4b:88:36:
3f:f1:bc:89:0a:00:79:44:13:26:04:04:10:40:15:
ae:96:9c:2c:e2:44:e6:d3:f5:a1:6a:ba:16:e0:4d:
8b:22:05:96:40:26:86:f0:e6:74:d1:cc:72:79:5c:
ac:dc:fa:45:e4:80:25:6c:79:e4:07:0a:05:30:05:
cb:66:c6:d6:5f:aa:ad:d8:06:6e:5a:d4:c6:5d:ff:
da:10:b8:ab:43:6f:18:67:7c:8d:5a:4e:9b:5f:37:
11:fa:6f:25:54:72:b2:27:2a:76:9b:36:fd:bc:b6:
18:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:CF:EC:B8:5E:93:4C:34:09:A7:E5:C4:ED:CE:17:D8:06:6E:9C:9D
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Zs_suF6TTDQJp-XE7c4X2AZunJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.49.0.0/21
89.50.0.0/16
194.97.192.0/23
Signature Algorithm: sha256WithRSAEncryption
18:c5:4f:e4:41:20:a2:1c:79:a1:f4:92:da:87:77:c3:38:f5:
4f:3d:14:eb:55:29:1c:20:0e:07:64:bb:97:c6:2f:cb:54:92:
9a:9d:ad:e7:d4:2d:2c:5f:33:dd:ac:e1:b2:da:c9:c0:4e:98:
29:d0:b3:e1:bf:20:ab:cc:2b:e8:52:15:9d:7b:df:f5:b8:96:
8a:43:5d:7e:50:79:22:de:16:23:d7:8e:68:e3:2b:3c:9b:81:
64:8c:86:d9:cc:ca:ea:e1:25:a5:c4:3c:56:e3:76:24:6f:db:
94:97:81:ab:b0:4a:46:03:9b:7e:69:21:ec:f3:61:23:d4:49:
c0:f0:60:1b:a0:ce:4d:09:2c:94:f1:30:a9:45:71:04:a8:1e:
f0:61:7a:e3:de:d8:b1:cb:37:43:70:6f:2e:77:19:2b:a0:0c:
e9:b0:a4:28:ca:c9:39:74:b3:4a:e2:dd:f0:a0:4e:a7:4b:63:
cc:97:b5:38:4a:2b:7c:5b:4e:a4:db:16:09:20:8e:8d:3b:fe:
de:47:95:fd:89:ab:8f:33:39:b3:83:0a:61:7c:7b:fc:ae:e9:
54:53:03:f2:55:bc:a8:16:8f:e8:a5:e3:ab:c0:0a:1f:f3:dd:
c2:f9:00:71:94:5f:61:48:65:06:0a:51:01:60:8d:ce:11:54:
b4:0c:39:2c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY9R5uHO1NjVvoLMZVIoKJiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwNTA3MDcxMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmNmZWNiODVlOTM0YzM0MDlhN2U1YzRlZGNlMTdkODA2NmU5YzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UQP0aDfB7At21vLKT6oFH1Rm45S
fUXKGfuoGOmJy/om+6CNMkf10z0LMoWRXo9j9x98HMbFwL5YczcX9KTTEgaB9qK0
sNLJqZ/DxL8XLj+ATIMi7nG+o872rUys3bohOydOg/a3GvddKy7OertkRPFqYZ4l
iuMQ2QDxcPRPSwqiAJsBpfEFZm23df+8rBj4ctNLiDY/8byJCgB5RBMmBAQQQBWu
lpws4kTm0/WharoW4E2LIgWWQCaG8OZ00cxyeVys3PpF5IAlbHnkBwoFMAXLZsbW
X6qt2AZuWtTGXf/aELirQ28YZ3yNWk6bXzcR+m8lVHKyJyp2mzb9vLYYawIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFGbP7Lhek0w0CaflxO3OF9gGbpydMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvWnNfc3VGNlRURFFKcC1YRTdjNFgyQVp1bkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQDWTEAAwMA
WTIDBAHCYcAwDQYJKoZIhvcNAQELBQADggEBABjFT+RBIKIceaH0ktqHd8M49U89
FOtVKRwgDgdku5fGL8tUkpqdrefULSxfM92s4bLaycBOmCnQs+G/IKvMK+hSFZ17
3/W4lopDXX5QeSLeFiPXjmjjKzybgWSMhtnMyurhJaXEPFbjdiRv25SXgauwSkYD
m35pIezzYSPUScDwYBugzk0JLJTxMKlFcQSoHvBheuPe2LHLN0Nwby53GSugDOmw
pCjKyTl0s0ri3fCgTqdLY8yXtThKK3xbTqTbFgkgjo07/t5Hlf2Jq48zObODCmF8
e/yu6VRTA/JVvKgWj+il46vACh/z3cL5AHGUX2FIZQYKUQFgjc4RVLQMOSw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org